Clik here to view.
Apple Mac OS X APPLE-SA-2016-05-16-4 Multiple Security Vulnerabilities
Apple Mac OS X is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass...
View ArticleClik here to view.
ZTE ZXDSL 831 Unauthorized Configuration Access Bypass
ZTE ZXDSL 831 suffers from an insecure direct object reference vulnerability.MD5 | 2bfb6bd37fdf3ed71ad37080607a00aeDownload# Exploit Title: ZTE ZXDSL 831 Unauthorized Configuration Access# Date:...
View ArticleClik here to view.
CMS Made Simple 2.1.6 Cross Site Scripting / Template Injection
CMS Made Simple version 2.1.6 suffers from cross site scripting and server-side template injection vulnerabilities.MD5 | b8c203964a0c308b507bd6d8429e5ab3DownloadAffected Software : CMS Made...
View ArticleClik here to view.
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download
EDB-ID: 43189Author: Google Security ResearchPublished: 2017-11-28CVE: N/A Type: DosPlatform: AndroidAliases: N/AAdvisory/Source: LinkTags: N/AVulnerable App: N/A Source:...
View ArticleClik here to view.
Synology StorageManager 5.2 - Remote Root Command Execution
EDB-ID: 43190Author: SecuriTeamPublished: 2017-11-28CVE: N/A Type: WebappsPlatform: CGIVulnerable App: N/A SSD Advisory – Synology StorageManager smart.cgi Remote Command Execution Full report:...
View ArticleClik here to view.
TempestSDR Remote Video Eavesdropping
This project is a software toolkit for remotely eavesdropping video monitors using a Software Defined Radio (SDR) receiver. It exploits compromising emanations from cables carrying video signals....
View ArticleClik here to view.
pfSense 2.3.1_1 Remote Command Execution
pfSense versions 2.3.1_1 and below contain a remote command execution vulnerability post authentication in the system_groupmanager.php page.MD5 | e31f1a0a55167ae457e32b3a771f6c12Download### This module...
View ArticleClik here to view.
Android Gmail Attachment Download Directory Traversal
There is a directory traversal issue in attachment downloads in Gmail. For non-gmail accounts, there is no path sanitization on the attachment filename in the email, so when attachments are downloaded,...
View ArticleClik here to view.
HikVision Wi-Fi IP Camera Wireless Access Point State
HikVision Wi-Fi IP cameras come with a default SSID "davinci", with a setting of no WiFi encryption or authentication. Depending on the firmware version, there is no configuration option within the...
View ArticleClik here to view.
TempestSDR RTL-SDR Fork
This project is a software toolkit for remotely eavesdropping video monitors using a Software Defined Radio (SDR) receiver. It exploits compromising emanations from cables carrying video signals....
View ArticleClik here to view.
osCommerce 2.3.4.1 - Arbitrary File Upload
EDB-ID: 43191Author: Simon ScannellPublished: 2017-11-11CVE: N/A Type: WebappsPlatform: PHPVulnerable App: # Date: 11.11.2017 # Exploit Author: Simon Scannell - https://scannell-infosec.net...
View ArticleClik here to view.
Microsoft Windows 10 Creators Update (version 1703) (x86) -...
EDB-ID: 43192Author: XPNPublished: 2017-11-27CVE: N/A Type: LocalPlatform: Win_x86Aliases: warbird_exploit_dll.cAdvisory/Source: LinkTags: N/AVulnerable App: N/A EDB Note Source ~...
View ArticleClik here to view.
pfSense - Authenticated Group Member RCE (Metasploit)
EDB-ID: 43193Author: MetasploitPublished: 2017-11-29CVE: N/A Type: RemotePlatform: UnixAliases: N/AAdvisory/Source: LinkTags: Metasploit Framework (MSF)Vulnerable App: N/A # This module requires...
View ArticleClik here to view.
QEMU - Stack Buffer Overflow in NBD Server Triggered via Long Export Name
EDB-ID: 43194Author: Eric BlakePublished: 2017-11-29CVE: CVE-2017-15118 Type: DosPlatform: LinuxAliases: N/AAdvisory/Source: LinkTags: Buffer OverflowVulnerable App: N/A can request export names up to...
View ArticleClik here to view.
Asterisk 13.17.2~dfsg-2 Memory Exhaustion
Asterisk version 13.17.2~dfsg-2 suffers from a remote unauthenticated memory exhaustion vulnerability.MD5 | 359301b570dd73a9d68c81fd132e7f30Download# Exploit Author: Juan Sacco...
View ArticleClik here to view.
Mac OS X Root Privilege Escalation
This Metasploit module exploits a serious flaw in Mac OS X High Sierra. Any user can login with user "root", leaving an empty password.MD5 | f135153db9d869d3133d4890fca2f61fDownload### This module...
View ArticleClik here to view.
Diving Log 6.0 XML External Entity Injection
Diving Log version 6.0 suffers from an XML external entity injection vulnerability.MD5 | 9d6c9f15cd8cdb7805839a5f1d6aa410Download[+] Exploit Title: Diving Log 6.0 XXE Injection[+] Date: 27-11-2017[+]...
View ArticleClik here to view.
Exim 4.89 Denial Of Service
Exim version 4.89 suffers from a denial of service vulnerability while parsing the BDAT data header.MD5 | e4742824af7915ef9c64202e38c10e8aDownloadWhile parsing BDAT data header, exim still scans for...
View ArticleClik here to view.
QEMU 2.10 Buffer Overflow
QEMU version 2.10 suffers from an NBD server long export name stack buffer overflow vulnerability. This was introduced with commit f37708f6b8.MD5 | cd918a363b2e2a85e3195712b7c48c43DownloadIntroduced in...
View ArticleClik here to view.
Synology StorageManager 5.2 Remote Command Execution
Synology StorageManager version 5.2 suffers from a remote root command execution vulnerability in smart.cgi.MD5 | 0e725291dedfc743e647723b95b3a423Download'''SSD Advisory a Synology StorageManager...
View Article